warn about unsupported option UsePAM=no (#757545)

openssh-5.9p1-log-usepam-no.patch

@@ -0,0 +1,28 @@
+diff --git a/sshd.c b/sshd.c
+index 8dcfdf2..95b63ad 100644
+--- a/sshd.c
++++ b/sshd.c
+@@ -1592,6 +1592,10 @@ main(int ac, char **av)
+ 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
+ 	    &cfg, NULL, NULL, NULL);
+ 
++	/* 'UsePAM no' is not supported in Fedora */
++	if (! options.use_pam)
++		logit("WARNING: 'UsePAM no' is not supported in Fedora and may cause several problems.");
++
+ 	seed_rng();
+ 
+ 	/* Fill in default values for those options not explicitly set. */
+diff --git a/sshd_config b/sshd_config
+index 8c16754..9f28b04 100644
+--- a/sshd_config
++++ b/sshd_config
+@@ -92,6 +92,8 @@ GSSAPICleanupCredentials yes
+ # If you just want the PAM account and session checks to run without
+ # PAM authentication, then enable this but set PasswordAuthentication
+ # and ChallengeResponseAuthentication to 'no'.
++# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
++# problems.
+ #UsePAM no
+ UsePAM yes
+ 

openssh.spec

@@ -194,6 +194,9 @@ Patch708: openssh-5.9p1-entropy.patch
 Patch709: openssh-5.9p1-vendor.patch
 #?
 Patch710: openssh-5.9p1-copy-id-restorecon.patch
+# warn users for unsupported UsePAM=no (#757545)
+Patch711: openssh-5.9p1-log-usepam-no.patch
+
 
 #http://www.sxw.org.uk/computing/patches/openssh.html
 Patch800: openssh-5.9p1-gsskex.patch
@@ -440,6 +443,7 @@ popd
 %patch708 -p1 -b .entropy
 %patch709 -p1 -b .vendor
 %patch710 -p1 -b .restorecon
+%patch711 -p1 -b .log-usepam-no
 
 %patch800 -p1 -b .gsskex
 %patch801 -p1 -b .force_krb